Hello All,
I believe the following Nessus Script IDs 21690 and 21691 contain a bug.
Source snippet from 21690 version 1.2:
1. else if(ereg(pattern:"^11\..*", string:v))
2. {
3. # Word 2003 - fixed in 11.08026.0
4. middle = ereg_replace(pattern:"^10\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
5. if(middle != v && int(middle) < 8026) { security_hole(port); exit(0); }
Line 4 should be:
middle = ereg_replace(pattern:"^11\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
Source snippet from 21691 version 1.2:
1. else if(ereg(pattern:"^11\..*", string:v))
2. {
3. # PowerPoint 2003 - fixed in 11.8024.0
4. middle = ereg_replace(pattern:"^10\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
5. if(middle != v && int(middle) < 8024) { security_hole(port); exit(0); }
Line 4 should be:
middle = ereg_replace(pattern:"^11\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
Can some review my finding?
Thanks,
Paul Bellefeuille
I believe the following Nessus Script IDs 21690 and 21691 contain a bug.
Source snippet from 21690 version 1.2:
1. else if(ereg(pattern:"^11\..*", string:v))
2. {
3. # Word 2003 - fixed in 11.08026.0
4. middle = ereg_replace(pattern:"^10\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
5. if(middle != v && int(middle) < 8026) { security_hole(port); exit(0); }
Line 4 should be:
middle = ereg_replace(pattern:"^11\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
Source snippet from 21691 version 1.2:
1. else if(ereg(pattern:"^11\..*", string:v))
2. {
3. # PowerPoint 2003 - fixed in 11.8024.0
4. middle = ereg_replace(pattern:"^10\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
5. if(middle != v && int(middle) < 8024) { security_hole(port); exit(0); }
Line 4 should be:
middle = ereg_replace(pattern:"^11\.0\.([0-9]*)\.[0-9]*$", string:v, replace:"\1");
Can some review my finding?
Thanks,
Paul Bellefeuille